<?php

if (!defined('PATH'))
	exit();

class Account extends Controller {

	protected $default_action = 'login';
	public $_title = 'Account Management';

	public function __construct() {
		parent::__construct();
	}

	public function action_login() {
		if (!LOGGED) {
			$view = new View('account/login');
			if (count($this->paramsURI) > 2) {
				$redirect_to = array_slice($this->paramsURI, 2);
				$_SESSION['redirect_to'] = implode('/', $redirect_to);
			}
			$view->render();
		} else {
			$this->redirect(PATH . '/account/management/');
		}
	}

	public function action_regenerate_recovery() { //*todo*
		if (LOGGED) {
			$account = $this->archez->getLogged();

			if (isset($this->paramsURI[2]) && $this->paramsURI[2] == 'verify') {
				//check post data
			} else {
				//view of form
			}
		} else {
			$this->archez->showMsg('You must <a href="' . PATH . '/account/login/account/regenerate_recovery">log in</a> first.', 'notice');
		}
	}

	public function action_lost() { //*todo*

	}

	public function action_change_password() {
		if (LOGGED) {
			$account = $this->archez->getLogged();

			if (isset($this->paramsURI[2]) && $this->paramsURI[2] == 'verify') {
				$new_password = $_POST['new_password'];
				$cnew_password = $_POST['cnew_password'];
				$old_password = $_POST['old_password'];

				$encryption = $this->config['database']['password_encryption'];
				if (!empty($encryption))
					$valid_pass = ($account->getPassword() == $encryption($this->config['database']['salt'].$old_password));
				else
					$valid_pass = ($account->getPassword() == $this->config['database']['salt'].$old_password);

				if (!$new_password || !$cnew_password || !$old_password) {
					$this->archez->showMsg('All fields are required, <a href="' . PATH . '/account/change_password/">click here</a> to go back.', 'error');
				} elseif ($new_password != $cnew_password) {
					$this->archez->showMsg('Failure at new password confirmation, <a href="' . PATH . '/account/change_password/">click here</a> to go back.', 'error');
				} elseif ($this->archez->checkPassword($new_password) == false) {
					$this->archez->showMsg('Invalid account new password, <a href="' . PATH . '/account/change_password/">click here</a> to go back.', 'error');
				} elseif (!$valid_pass) {
					$this->archez->showMsg('Wrong account old password, <a href="' . PATH . '/account/change_password/">click here</a> to go back.', 'error');
				} else {
					if (!empty($encryption))
						$account->setPassword($encryption($this->config['database']['salt'].$new_password));
					else
						$account->setPassword($this->config['database']['salt'].$new_password);
					$account->save();
					$this->archez->showMsg('Your password has been changed, <a href="' . PATH . '/account/management/">click here</a> to go back!', 'success');
				}
			} else {
				$view = new View('account/change_password_form');
				$view->render();
			}
		} else {
			$this->archez->showMsg('You must <a href="' . PATH . '/account/login/account/change_password">log in</a> first.', 'notice');
		}
	}

	public function action_change_email() {
		if (LOGGED) {
			$account = $this->archez->getLogged();

			if ($account->getCustomField('email_new_time') && ((isset($this->paramsURI[2]) && $this->paramsURI[2] != 'confirm') || !isset($this->paramsURI[2]))) {
				$this->redirect(PATH . '/account/change_email/confirm/');
			} else {
				if (isset($this->paramsURI[2]) && $this->paramsURI[2] == 'verify') {
					$password = $_POST['password'];
					$new_email = $_POST['new_email'];

					$encryption = $this->config['database']['password_encryption'];
					if (!empty($encryption))
						$valid_pass = ($account->getPassword() == $encryption($this->config['database']['salt'].$password));
					else
						$valid_pass = ($account->getPassword() == $this->config['database']['salt'].$password);

					if (!$password || !$new_email) {
						$this->archez->showMsg('All fields are required, <a href="' . PATH . '/account/change_password/">click here</a> to go back.', 'error');
					} elseif ($this->archez->checkEmail($new_email) == false) {
						$this->archez->showMsg('Invalid account e-mail, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
					} elseif (!$valid_pass) {
						$this->archez->showMsg('Wrong account old password, <a href="' . PATH . '/account/change_password/">click here</a> to go back.', 'error');
					} else {
						$this->archez->showMsg('You can activate new e-mail at ' . date($this->config['website']['date_format'], time() + $this->config['website']['timeToChangeEmail']) . '.', 'notice');
						$account->setCustomField('email_new', $new_email);
						$account->setCustomField('email_new_time', (time() + $this->config['website']['timeToChangeEmail']));
					}
				} else if (isset($this->paramsURI[2]) && $this->paramsURI[2] == 'confirm') {
					if (isset($_POST['confirm']) && $account->getCustomField('email_new_time') > time()) {
						$this->archez->showMsg('You can activate new e-mail at ' . date($this->config['website']['date_format'], time() + $this->config['website']['timeToChangeEmail']) . ', <a href="' . PATH . '/account/management/">click here</a> to go back!', 'error');
					} else if (isset($_POST['cancel'])) {
						$this->archez->showMsg('E-mail changing has been canceled, <a href="' . PATH . '/account/management/">click here</a> to go back!', 'success');
						$account->setCustomField('email_new', null);
						$account->setCustomField('email_new_time', null);
					} else if (isset($_POST['confirm'])) {
						$this->archez->showMsg('E-mail has been changed, <a href="' . PATH . '/account/management/">click here</a> to go back!', 'success');
						$account->setCustomField('email', $account->getCustomField('email_new'));
						$account->setCustomField('email_new', null);
						$account->setCustomField('email_new_time', null);
					} else {
						$view = new View('account/change_email_confirm_form');
						$view->account = $account;
						$view->render();
					}
				} else {
					$view = new View('account/change_email_form');
					$view->render();
				}
			}
		} else {
			$this->archez->showMsg('You must <a href="' . PATH . '/account/login/account/change_email">log in</a> first.', 'notice');
		}
	}

	public function action_management() {
		if (LOGGED) {
			$account = $this->archez->getLogged();


			if (!$account->getCustomField('nickname')) {
				$this->archez->showMsg('Your nickname status has never been changed before, <a href="' . PATH . '/account/nickname/">click here</a> to do so.', 'Notice');
			} else {
				$view = new View('account/management');
				$view->account = $account;
				$view->render();
			}
		} else {
			$this->archez->showMsg('You must <a href="' . PATH . '/account/login/account/managament">log in</a> first.', 'notice');
		}
	}

	public function action_nickname() {
		if (LOGGED) {
			if (!isset($this->paramsURI[2])) {
				$this->redirect(PATH . '/account/nickname/submit/');
			}

			if ($this->paramsURI[2] == 'submit') {
				$account = $this->archez->getLogged();


				if (!$account->getCustomField('nickname')) {
					$view = new View('account/nickname_form');
					$view->render();
				} else {
					$this->redirect(PATH . '/account/management/');
				}
			}

			if ($this->paramsURI[2] == 'change') {
				$account = $this->archez->getLogged();


				if (!$account->getCustomField('nickname') and isset($_POST['nickname'])) {
					$nickname = strip_tags(trim($_POST['nickname']));

					if ($this->archez->checkNickname($nickname)) {
						$account->setCustomField('nickname', $nickname);
						$this->archez->showMsg('Your account nickname has successfully been changed, <a href="' . PATH . '/account/management/">click here</a> to visit your account management page.', 'success');
					} else {
						$this->archez->showMsg('Nickname appears to be invalid, <a href="' . PATH . '/account/nickname/">click here</a> to go back! (a-z, A-Z only!)', 'error');
					}
				} else {
					$this->redirect(PATH . '/account/management/');
				}
			}
		} else {
			$this->redirect(PATH . '/account/login/account/nickname');
		}
	}

	public function action_personal() {
		if (LOGGED) {
			if (!isset($this->paramsURI[2])) {
				$this->redirect(PATH . '/account/personal/submit/');
			}

			if ($this->paramsURI[2] == 'submit') {
				$account = $this->archez->getLogged();


				$view = new View('account/personal_form');
				$view->account = $account;
				$view->render();
			}

			if ($this->paramsURI[2] == 'change') {
				if (isset($_POST['name']) && isset($_POST['location'])) {
					$name = strip_tags(trim($_POST['name']));
					$location = strip_tags(trim($_POST['location']));

					if (!$name or !$location) {
						$this->archez->showMsg('Your account personal could not be changed, <a href="' . PATH . '/account/personal/">click here</a> to go back.', 'error');
					} else {
						$account = $this->archez->getLogged();

						$account->setRLName($name);
						$account->setLocation($location);
						$account->save();
						$this->archez->showMsg('Your account personal information has successfully been changed, <a href="' . PATH . '/account/management/">click here</a> to visit your account management page.', 'success');
					}
				} else {
					$this->archez->showMsg('Your account personal could not be changed, <a href="' . PATH . '/account/personal/">click here</a> to go back.', 'error');
				}
			}
		} else {
			$this->redirect(PATH . '/account/login/');
		}
	}

	public function action_recovery() {
		if (LOGGED) {
			if (isset($this->paramsURI[2])) {
				$this->redirect(PATH . '/account/recovery/');
			}

			$account = $this->archez->getLogged();


			if (!$account->getRecoveryKey()) {
				$account->setRecoveryKey($this->archez->generateKey());
				$account->save();
				$this->archez->showMsg('You have successfully generated a recovery key for your account, <a href="' . PATH . '/account/management/">click here</a> to go back.<br /><br /><font size="4">' . $account->getRecoveryKey() . '</font><br /><br /><small>Your account will appear as registered from now on.</small>', 'success');
			} else {
				$this->archez->showMsg('You can not generate a new recovery key if you already have one, <a href="' . PATH . '/account/management/">click here</a> to go back.', 'error');
			}
		} else {
			$this->redirect(PATH . '/account/login/account/recovery');
		}
	}

	public function action_character() {
		if (!isset($this->paramsURI[2])) {
			$this->redirect(PATH . '/account/character/form/');
		}

		if (LOGGED) {
			$account = $this->archez->getLogged();


			if ($account->getPlayersList()->count() >= $this->config['website']['characters'] && in_array($this->paramsURI[2], array("create", "createverify"))) {
				$this->archez->showMsg('You are not allowed to have more than ' . $this->config['website']['characters'] . ' characters per account, therefore you were unable to proceed, <a href="' . PATH . '/account/management/">click here</a> to go back.', 'error');
				return;
			}

			if ($this->paramsURI[2] == 'create') {
				$view = new View('account/create_form');
				$view->render();
			}

			if ($this->paramsURI[2] == 'createverify') {
				if ($_POST) {
					$name = strip_tags(trim(ucfirst($_POST['character_name'])));
					$sex = strip_tags(trim($_POST['character_sex']));
					$profession = strip_tags(trim($_POST['character_profession']));
					$town = strip_tags(trim($_POST['character_town']));
					$name = Helper_General::clean($name);


					if (!$name) {
						$this->archez->showMsg('You must specify a character name, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
					} elseif ($this->archez->checkCharacterName($name) == false) {
						$this->archez->showMsg('Invalid character name, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
					} else if (!array_key_exists($proffesion, $this->config['server']['professions'][0])) {
						$this->archez->showMsg('Invalid proffesion, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
					} else if (!array_key_exists($town, $this->config['server']['towns'])) {
						$this->archez->showMsg('Invalid town, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
					} else if (!array_key_exists($sex, $this->config['server']['sex'])) {
						$this->archez->showMsg('Invalid sex, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
					} else {
						$character = $this->ots->createObject('Player');
						$character->find($name);

						if ($character->isLoaded()) {
							$this->archez->showMsg('Character name is not available, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
						} else {
							$sampleslist = $this->config['website']['samples'][$profession];
							$samples = $this->ots->createObject('Player');
							$samples->find($sampleslist);

							if (!$samples->isLoaded()) {
								$this->archez->showMsg('Configuration error, <a href="' . PATH . '/account/character/create/">click here</a> to go back.', 'error');
							} else {
								if ($sex == 0) {
									$samples->setLookType(136);
								}

								$account = $this->archez->getLogged();


								$player = $this->ots->createObject('Player');
								$player->setName(ucfirst($name));
								$player->setAccount($account);
								$player->setGroup($samples->getGroup());
								$player->setSex($sex);
								$player->setVocation($samples->getVocation());
								$player->setConditions($samples->getConditions());
								$player->setRank($samples->getRank());
								$player->setLookAddons($samples->getLookAddons());
								$player->setTownId($town);
								$player->setExperience($samples->getExperience());
								$player->setLevel($samples->getLevel());
								$player->setMagLevel($samples->getMagLevel());
								$player->setHealth($samples->getHealth());
								$player->setHealthMax($samples->getHealthMax());
								$player->setMana($samples->getMana());
								$player->setManaMax($samples->getManaMax());
								$player->setManaSpent($samples->getManaSpent());
								$player->setSoul($samples->getSoul());
								$player->setDirection($samples->getDirection());
								$player->setLookBody($samples->getLookBody());
								$player->setLookFeet($samples->getLookFeet());
								$player->setLookHead($samples->getLookHead());
								$player->setLookLegs($samples->getLookLegs());
								$player->setLookType($samples->getLookType());
								$player->setCap($samples->getCap());
								$player->setPosX(0);
								$player->setPosY(0);
								$player->setPosZ(0);
								$player->setLossExperience($samples->getLossExperience());
								$player->setLossMana($samples->getLossMana());
								$player->setLossSkills($samples->getLossSkills());
								$player->setLossItems($samples->getLossItems());
								$player->save();
								unset($player);
								$player = $this->ots->createObject('Player');
								$player->find(ucfirst($name));
								if ($player->isLoaded()) {
									$player->setCustomField('world_id', $this->config['server']['world']);
									$player->setCustomField('created', time());
									$player->setCustomField('hide_char', 0);
									$player->setCustomField('comment', '');
									$player->setCustomField('old_name', '');
									$player->setSkill(0, $samples->getSkill(0));
									$player->setSkill(1, $samples->getSkill(1));
									$player->setSkill(2, $samples->getSkill(2));
									$player->setSkill(3, $samples->getSkill(3));
									$player->setSkill(4, $samples->getSkill(4));
									$player->setSkill(5, $samples->getSkill(5));
									$player->setSkill(6, $samples->getSkill(6));
									$player->save();

									$loadItems = $this->db->query('SELECT * FROM player_items WHERE player_id = ' . $samples->getId() . '');

									foreach ($loadItems as $item) {
										$this->db->query('INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ("' . $player->getId() . '", "' . $item['pid'] . '", "' . $item['sid'] . '", "' . $item['itemtype'] . '", "' . $item['count'] . '", "' . $item['attributes'] . '");');
									}

									$this->archez->showMsg('You have successfully created the character with name: <b>' . ucfirst($name) . '</b>, <a href="' . PATH . '/account/management/">click here</a> to go to account management.', 'success');
								} else {
									$this->archez->showMsg('Contact the administration, something went wrong with the skills.', 'error');
								}
							}
						}
					}
				} else {
					$this->redirect(PATH . '/account/character/create/');
				}
			}

			if ($this->paramsURI[2] == 'delete') {
				$account = $this->archez->getLogged();

				$this->archez->showMsg('You must not forget this action <b>can NOT</b> be undone!<span style="float:right;"><a href="' . PATH . '/account/management/">cancel</a></span></td></tr><tr><td>Deleted characters will still count as part of your account forever, that means that if you reach the ' . $this->config['website']['characters'] . ' characters limit per account (counting deleted characters), the system won\'t let you create more characters.', 'warnings');

				$view = new View('account/delete_form');
				$view->account = $account;
				$view->render();
			}

			if ($this->paramsURI[2] == 'deleteverify') {
				$account = $this->archez->getLogged();

				if (!isset($_POST['character'])) {
					$this->redirect(PATH . '/account/character/delete/');
				}

				$player = $this->ots->createObject('Player');
				$player->find($_POST['character']);

				$password = $_POST['password'];
				$char = $_POST['character'];

				$encryption = $this->config['database']['password_encryption'];
				if (!empty($encryption))
					$valid_pass = ($account->getPassword() == $encryption($this->config['database']['salt'].$password));
				else
					$valid_pass = ($account->getPassword() == $this->config['database']['salt'].$password);

				if (!$password || !$char) {
					$this->archez->showMsg('All fields are required, <a href="' . PATH . '/account/character/delete/">click here</a> to go back.', 'error');
				} elseif (!$valid_pass) {
					$this->archez->showMsg('Wrong account old password, <a href="' . PATH . '/account/character/delete/">click here</a> to go back.', 'error');
				} else {

					if ($player->isLoaded()) {
						if ($player->getAccount() == $account->getId()) {
							if ($player->isDeleted()) {
								$this->archez->showMsg('Character with name <b>' . $player->getName() . '</b> has been deleted before, <a href="' . PATH . '/account/management/">click here</a> to go back.', 'error');
							} else {
								$player->delete();
								$this->archez->showMsg('Character with name <b>' . $player->getName() . '</b> has successfully been deleted, <a href="' . PATH . '/account/management/">click here</a> to go proceed.', 'success');
							}
						} else {
							$this->archez->showMsg('Character with name <b>' . $player->getName() . '</b> does not belong to your account, <a href="' . PATH . '/account/character/delete/">click here</a> to go back.', 'error');
						}
					} else {
						$this->archez->showMsg('Character does not exist, <a href="' . PATH . '/account/character/delete/">click here</a> to go back.', 'error');
					}
				}
			}

			if ($this->paramsURI[2] == 'edit') {
				$account = $this->archez->getLogged();

				$this->archez->showMsg('Choose a character from your account to edit.<span style="float:right;"><a href="' . PATH . '/account/management/">cancel</a></span>', 'notice');

				$view = new View('account/edit_form');
				$view->account = $account;
				$view->render();
			}

			if ($this->paramsURI[2] == 'edition') {
				$account = $this->archez->getLogged();

				if (!isset($_POST['character'])) {
					$this->redirect(PATH . '/account/character/edit/');
				}

				$player = $this->ots->createObject('Player');
				$player->find($_POST['character']);

				$this->archez->showMsg('Here you can see and edit the information about your character.<span style="float:right;"><a href="' . PATH . '/account/management/">cancel</a></span>', 'notice');

				$view = new View('account/character_edition');
				$view->player = $player;
				$view->render();
			}

			if ($this->paramsURI[2] == 'editverify') {
				$account = $this->archez->getLogged();

				if (!isset($_POST['character'])) {
					$this->redirect(PATH . '/account/character/edit/');
				}

				$player_hide = null;
				if (isset($_POST['hide'])) {
					if (!$_POST['hide']) {
						$player_hide = 0;
					} else {
						$player_hide = 1;
					}
				}

				$player = $this->ots->createObject('Player');
				$player->find($_POST['character']);

				if ($player->isLoaded()) {
					if ($player->getAccount() == $account->getId()) {

						$comment = stripslashes(strip_tags($_POST['comment']));

						$player->setCustomField('hide_char', $player_hide);
						$player->setCustomField('comment', $comment);

						$this->archez->showMsg('Character with name <b>' . $player->getName() . '</b> has successfully been edited, <a href="' . PATH . '/account/management/">click here</a> to go proceed.', 'success');
					} else {
						$this->archez->showMsg('Character with name <b>' . $player->getName() . '</b> does not belong to your account, <a href="' . PATH . '/account/character/delete/">click here</a> to go back.', 'error');
					}
				} else {
					$this->archez->showMsg('Character does not exist, <a href="' . PATH . '/account/character/delete/">click here</a> to go back.', 'error');
				}
			}
		} else {
			$this->redirect(PATH . '/account/login/account/character');
		}
	}

	public function action_logout() {
		if (LOGGED) {
			unset($_SESSION['account_id']);
			unset($_SESSION['account_password']);
			unset($_SESSION['logged']);

			$this->archez->showMsg('You have successfully logged out, <a href="' . PATH . '/account/login/">click here</a> to see the log in form again.', 'success');
		} else {
			$this->redirect(PATH . '/account/login/');
		}
	}

	public function action_register() {
		if ($this->config['recaptcha']['enabled'] == true and !$this->config['recaptcha']['publickey'] or !$this->config['recaptcha']['privatekey']) {
			$this->archez->showMsg('Unable to read reCaptcha variables, please check your website configuration file.', 'error');
		} else {
			if (!isset($this->paramsURI[2])) {
				$this->redirect(PATH . '/account/register/form/');
			}

			if ($this->paramsURI[2] == 'form') {
				if (!LOGGED) {
					$view = new View('account/register_form');
					$view->render();
				} else {
					$this->redirect(PATH . '/account/management/');
				}
			}

			if ($this->paramsURI[2] == 'verify') {
				if (!LOGGED) {
					if ($_POST) {
						$name = $_POST['name'];
						$password = $_POST['password'];
						$cpassword = $_POST['cpassword'];
						$email = $_POST['email'];
						if ($this->config['recaptcha']['enabled'] == true) {
							$resp = recaptcha_check_answer($this->config['recaptcha']['privatekey'], $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
						}

						if (!$name or !$password or !$cpassword or !$email) {
							$this->archez->showMsg('All fields are required, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
						} elseif ($password != $cpassword) {
							$this->archez->showMsg('Failure at password confirmation, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
						} elseif ($this->archez->checkAccountName($name) == false) {
							$this->archez->showMsg('Invalid account name, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
						} elseif ($this->archez->checkPassword($password) == false) {
							$this->archez->showMsg('Invalid account password, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
						} elseif ($this->archez->checkEmail($email) == false) {
							$this->archez->showMsg('Invalid account e-mail, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
						} elseif ($this->config['recaptcha']['enabled'] == true) {
							if (!$resp->is_valid) {
								$this->archez->showMsg(ucfirst($resp->error) . ', <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
							} else {
								$accountname = strtolower(trim($name));
								$accountemail = trim($email);
								$accountpassword = trim($password);

								$account = $this->ots->createObject('Account');
								$account->find($accountname);

								if ($account->isLoaded()) {
									$this->archez->showMsg('The account name is already registered in database, <a href="' . PATH . '/account/register/form/">click here</a> to go back.', 'error');
								} else {
									$account->create(0, 9999999, $accountname);
									$account->setEMail($accountemail);
									$encryption = $this->config['database']['password_encryption'];
									if (!empty($encryption) && in_array($encryption, $this->config['database']['allowedEncryptions'])) {
										$account->setPassword($this->config['database']['salt'].$encryption($accountpassword));
									} else {
										$account->setPassword($this->config['database']['salt'].$accountpassword);
									}
									$account->unblock();
									$account->save();
									$account->setCustomField('created', time());
									$account->setCustomField('lastday', time());
									$account->setCustomField('page_access', ARCHEZ::ACCESS_USER);
									$account->setCustomField('premdays', $this->config['server']['premdays']);
									$this->archez->showMsg('<b>You have successfuly registered on ' . $this->config['server']['name'] . '!</b><br /><small>Remember that you shall never give away your account name and/or password.</small><br /><br /><a href="' . PATH . '/account/login/">Click here</a> to login for the first time.', 'success');
								}
							}
						}
					}
					else {
						$this->redirect(PATH . '/account/register/form/');
					}
				} else {
					$this->redirect(PATH . '/account/management/');
				}
			}
		}
	}

	public function action_check() {
		if (LOGGED) {
			$this->redirect(PATH . '/account/management/');
		} else {
			$temp = null;
			if (isset($_SESSION['redirect_to'])) {
				$temp = $_SESSION['redirect_to'];
			}
			if (!isset($_POST['account_name']) or !isset($_POST['account_password'])) {
				$this->archez->showMsg('You must fill both fields in order to log in, <a href="' . PATH . '/account/login/">try again.</a>', 'error');
			} elseif (in_array($_POST['account_name'], $this->config['server']['prohibited'])) {
				$this->archez->showMsg('The account name you entered was rejected by the administration, <a href="' . PATH . '/account/login/">click here</a> to go back.', 'error');
			} else {
				$name = stripslashes(strip_tags($_POST['account_name']));
				$password = stripslashes(strip_tags($_POST['account_password']));
				$encryption = $this->config['database']['password_encryption'];
				$query = 'SELECT `name`, `password` FROM `accounts` WHERE `name` = "' . $name . '" AND `password` = ';
				if (empty($encryption)) {
					$query .= '"' . $this->config['database']['salt'].$password . '";';
				} else if ($encryption == 'plain') {
					$query .= '"' . $this->config['database']['salt'].$password . '";';
				} else {
					if (in_array($encryption, $this->config['database']['allowedEncryptions'])) {
					$query .= '"' . $encryption($this->config['database']['salt'].$password) . '";';
					} else {
					$query .= '"x";';
					}
				}
				$check = $this->db->query($query)->fetch();

				if ($check) {
					$account = $this->ots->createObject('Account');
					$account->find($check['name']);

					if ($account->isLoaded() && $account->getPassword() == $check['password']) {
						$_SESSION['account_id'] = $account->getId();
						$_SESSION['account_password'] = $account->getPassword();
						$_SESSION['logged'] = 'yes';
						$_SESSION['access'] = $account->getCustomField('page_access');

						$account->setCustomField('page_lastday', time());

						if ($temp) {
							$temp = $_SESSION['redirect_to'];
							unset($_SESSION['redirect_to']);
							$this->archez->showMsg('You have successfully logged in, click <a href="' . PATH . '/'.$temp.'">here</a> to redirect to previous page.', 'success');
						} else {
							$this->archez->showMsg('You have successfully logged in, click <a href="' . PATH . '/account/management/">here</a> to continue.', 'success');
						}
					} else {
						$this->archez->showMsg('Error in POT.', 'error');
					}
				} else {
					$this->archez->showMsg('Wrong account name or password, <a href="' . PATH . '/account/login/'.$temp.'">click here</a> to try again.', 'error');
				}
			}
		}
	}

}

?>
